Tenable has released critical security updates for its Nessus vulnerability scanner following the discovery of multiple security vulnerabilities, including a severe Windows-specific vulnerability that could allow non-administrative users to overwrite system files with elevated privileges.
The company has issued Nessus versions 10.8.5 and 10.9.0...
The U.S. Department of Treasury's Office of Foreign Assets Control (OFAC) has imposed sanctions on Aeza Group, a Russian-based bulletproof hosting service provider that has facilitated cybercriminal operations targeting American victims and organizations worldwide.
The coordinated action, conducted in partnership with the United Kingdom's...
A severe security vulnerability discovered in the popular Forminator WordPress plugin has left over 600,000 websites vulnerable to complete takeover by unauthenticated attackers.
The vulnerability, designated CVE-2025-6463 with a critical CVSS rating of 8.8, allows malicious actors to delete arbitrary files from affected servers,...
A critical vulnerability in Anthropic's Model Context Protocol (MCP) Inspector tool that allows remote code execution through malicious websites.
The vulnerability , assigned CVE-2025-49596 with a CVSS score of 9.4, represents one of the first critical security issues in Anthropic's MCP ecosystem and highlights...
A critical security vulnerability with a CVSS v4 score of 9.3 has been discovered in MICROSENS NMP Web+ network management equipment, potentially allowing remote attackers to gain system access, overwrite files, and execute arbitrary code.
The German company's widely deployed industrial control systems face...
IBM has disclosed multiple critical security vulnerabilities in its Cloud Pak System platform that could allow attackers to inject malicious HTML code and manipulate JavaScript application prototypes.
The vulnerabilities, tracked as CVE-2020-5258 and CVE-2025-2895, affect various versions of the enterprise cloud management platform across...